From: Jan Krueger
To: Jon Portnoy
Cc: gentoo-dev@gentoo.org
Date: Mon, 8 Sep 2003 05:33:05 +0000
Subject: Re: [gentoo-dev] gentoo-project

On Monday 08 September 2003 03:03, Jon Portnoy wrote:
> You haven't shared many of your views

Here they are again, summed up for the interested reader:

- Prevent ebuilds from modifying the live filesystem (from pkg_postinst, for example); portage is the only one allowed to do so. That means a real sandbox over full ebuild time. The image is ready after src_install. Portage then puts the files at the right place. The ebuild itself can in no way touch the live filesystem. There is no need for the ebuild to do so.
(Putting the build system into UML would be a considerable option for this. Maybe oversized.)

- Allow the actual package install process only to add files to the filesystem or to only modify/remove files that belong to a revision of the same ebuild (QA would benefit from these suggestions too).
Portage, before putting all the files from the image into the live filesystem, scans the image for all files in there. Now it has a list of files it is going to install. So it now scans the live filesystem to see if these files, or some of them, exist. If they exist in the live filesystem, portage checks if they belong to a revision of the same ebuild.
 - if they don't belong to a revision of the same ebuild and are not found in the live filesystem, it would be an addition of new software, so the files are put into action
 - if they are found in the filesystem and belong to a revision of the same ebuild, it would be an upgrade or downgrade and they are put into action
 - if they are found in the filesystem and do not belong to a revision of the same ebuild -> something is wrong (might be init going to be overwritten) -> inform the user and fail

- Provide a secure abstraction for things, like adding values to global config files or depmod -a, that may be required after installing the files to the live filesystem.
From my answer to Jon:
> So we should never be able to tweak config files et al in an ebuild?
An ebuild may freely modify its own config files.
Modification of config files not belonging to the ebuild should be done via an already suggested, secure abstraction, let's say a function like:
changeconf php.ini "line to add to phpini"
Portage could then intercept, respecting the suggested CONFIG_EXCLUDE or other user settings, or, if no user setting is in the way, go to apply the change.
This way it would be impossible for the ebuild to wipe php.ini.
Also the user, via CONFIG_EXCLUDE, may completely switch off editing of php.ini by ebuilds. On the other hand, if the user doesn't care, the ebuild is free to add this line to php.ini.

- Another one was the above-mentioned CONFIG_EXCLUDE in /etc/make.conf:
This variable would accept a list of directories/files for which the behaviour of portage would be as follows:
Whenever portage has the image of the software to install ready, it scans this image for the values in CONFIG_EXCLUDE. Whenever it finds such a directory/file in the image, it moves the directory/file to the doc directory (e.g. /usr/share/doc/${PF}/excluded_config/) of the image (and maybe writes a message to the user/log). After that, portage continues normally.

> repeated yourself without elaborating or expressing
> specific concepts.

If, in your eyes, the above things aren't concepts and specific, I don't know what else actually is. I don't understand you, you don't understand me, so that's the wrong place for me; I quit.
I always tried to be strictly technical; maybe sometimes I failed. I am human. Sorry.
Don't hate me; I, as you, only try to do my best.

Have a nice time
Jan

--
gentoo-dev@gentoo.org mailing list
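
The pre-merge ownership check and the CONFIG_EXCLUDE relocation proposed in the message above, sketched as an added example (not part of the original post and not Portage code). The names plan_merge, is_excluded and MergeCollision are hypothetical, package ownership is assumed to be available as a simple path-to-package mapping, and the package names and paths in the sample data are constructed.

```python
# Added illustration. plan_merge, is_excluded and MergeCollision are
# hypothetical names, not Portage API; all sample data is constructed.
from pathlib import PurePosixPath


class MergeCollision(Exception):
    """The image would overwrite files not owned by this package."""


def is_excluded(path, config_exclude):
    # True if path equals a CONFIG_EXCLUDE entry or lies below one.
    p = PurePosixPath(path)
    return any(PurePosixPath(e) == p or PurePosixPath(e) in p.parents
               for e in config_exclude)


def plan_merge(pkg, pf, image_files, live_owners, config_exclude=()):
    """Map each image path to (action, destination) or raise MergeCollision.

    pkg         -- "category/name"; every revision of an ebuild shares it
    pf          -- package name with version and revision (${PF})
    live_owners -- {path on live filesystem: owning pkg, or None if unowned}
    """
    plan, collisions = {}, []
    for src in sorted(image_files):
        dest = src
        if is_excluded(src, config_exclude):
            # Excluded config is parked in the package's doc directory.
            dest = f"/usr/share/doc/{pf}/excluded_config{src}"
        if dest not in live_owners:
            plan[src] = ("add", dest)            # new file
        elif live_owners[dest] == pkg:
            plan[src] = ("replace", dest)        # upgrade or downgrade
        else:
            collisions.append((dest, live_owners[dest]))
    if collisions:
        # Refuse the whole merge before anything is written.
        raise MergeCollision(collisions)
    return plan


if __name__ == "__main__":
    owners = {"/usr/lib/apache/libphp4.so": "dev-php/mod_php",
              "/etc/php.ini": None, "/sbin/init": "sys-apps/sysvinit"}
    image = ["/usr/lib/apache/libphp4.so", "/etc/php.ini", "/usr/bin/php"]
    print(plan_merge("dev-php/mod_php", "mod_php-4.3.3-r1", image, owners,
                     config_exclude=["/etc/php.ini"]))
    try:
        plan_merge("dev-php/mod_php", "mod_php-4.3.3-r1",
                   image + ["/sbin/init"], owners)
    except MergeCollision as exc:
        print("refused:", exc.args[0])
```

A file that exists on the live filesystem but has no recorded owner is treated as a collision, matching the third case in the message ("do not belong to a revision of the same ebuild").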